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CLAIMS 

We claim: 

[ci] 1 . A method in a computer system of restricting access to memory, the method 

comprising: 

setting a memory location to indicate a trap should occur when the memory 

location is accessed; 
under control of a restricted portion of a computer program, 

setting a pointer to point to the memory location that indicates that traps to 

the pointed to memory location are enabled; and 
accessing the memory location using the set pointer so that a trap occurs 
and access to the restricted memory location is detected; and 
under control of an unrestricted portion of a computer program, 

setting a pointer to point to the memory location that indicates that traps to 

the pointed to memory location are disabled; and 
accessing the memory location using the set pointer so that a trap does not 
occur and access to the restricted memory location is allowed. 

[c2] 2. The method of claim 1 wherein a user program typically accesses memory 

locations using pointers with traps enabled. 

[c3] 3. The method of claim 1 including setting all memory locations of a data 

structure to indicate a trap should occur when the memory locations are accessed. 
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[c4] 4. The method of claim 1 wherein when the memory location is accessed, 

invoking a trap handler. 

[c5] 5. A system for restricting access to memory, the system comprising: 

means for, under control of a computer program, indicating that a trap should occur 

when a memory location is accessed; 
means for, under control of a restricted portion of the computer program, 

setting a pointer to a memory location wherein the pointer has an indication 
of trap handling; 
means for accessing the memory location; and 
means for handling a trap wherein propriety of the access is detected. 



[06] 6. The system of claim 5 wherein the indication of trap handling is enabled, 

[c7] 7. The system of claim 5 wherein the indication of trap handling is disabled. 

[c8] 8. The method of claim 5 wherein the propriety is unauthorized. 

[c9] 9. The method of claim 5 wherein the propriety is authorized. 

[clO] 10. A computer-readable medium for restricting access to memory, comprising: 



a data structure with a plurality of elements; 

a pointer to an element in the data structure, the pointer having an indication of 
whether a trap is enabled depending on whether a restricted or unrestricted 
portion of a computer program is accessing the data structure; 
for each element, an indication of whether a trap is enabled; and 
a handler including instructions for handling the enabled trap. 

[cl1] 11. The computer-readable medium of claim 10 wherein the mdication for an 

element is enabled. 
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[ci2] 12. The computer-readable medium of claim 10 wherein the handler is invoked 

when the element in the data structure is accessed through a pointer whose indication is 
enabled. 

[cl3] 13. The computer-readable medium of claim 10 wherein the handler is not 

invoked when the element in the data structure is accessed through a pointer whose 
indication is disabled. 

[cl4] 14. The computer-readable medium of claim 13 wherein the indication for an 

element is disabled. 

[cl5] 15. The computer-readable medium of claim 13 wherein the handler is invoked 

when the element in the data structure is accessed through a pointer whose indication is 
enabled. 

[cl 6] 1 6. A system for restricting access to memory comprising: 

a component that sets a memory location to indicate a trap should occur when the 

memory location is accessed; 
a component that, under control of a restricted portion of a computer program, 

sets a pointer to point to the memory location that indicates that traps to the 

pointed to memory location are enabled; and 
accesses the memory location using the set pointer so that a trap occurs and 
access to the restricted memory location is detected; and 
a component that, under control of an unrestricted portion of a computer program, 
sets a pointer to point to the memory location that indicates that traps to the 

pointed to memory location are disabled; and 
accesses the memory location using the set pointer so that a trap does not 
occur and access to the restricted memory location is allowed. 
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17. The system of claim 16 wherein a user program typically accesses memory 
locations using pointers with traps enabled. 

18. The system of claim 16 including a component that sets all memory 
locations of a data structure to indicate a trap should occur when the memory locations are 
accessed. 

19. The system of claim 16 wherein when the memory location is accessed, a 
trap handler is invoked. 



